easy-admin-rails 0.2.0 → 0.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e27a938d7c68cc803a52c941ab073b82d077d2019a09d1dab636e92016f2ae78
-  data.tar.gz: 94c16e1bd8b00dbcbddee3adad22dc0122eb50d118e6aa815f7d28dd437d0404
+  metadata.gz: 87d3c4867f51a6c89bd00852824be9345c18dbac643010d91bbbcaed411eb683
+  data.tar.gz: f37721aeeebfc654554f1d544b0f5a649ea4b764f36ae35a52b5993741c42b69
 SHA512:
-  metadata.gz: 3d55741831c57254342bb1ef6546ffb1913070219896775251059f4dffdfa50b72af935d8d2fd47f103698d986a6b7eb56c67f9e318a706ecdf5bb430f955ba8
-  data.tar.gz: 663d5266e79bcb4a6ba283924f5edefd0b7c7dea0a56a9112789e6010513da638ad15a747d82c0328832412f4f12acbc7f4f9d6ab7b20724abf967f161e3a407
+  metadata.gz: 9aaf3cba5a2b398313e7d916cb6be2d0754a3fff3ec7c8e31ff70c03638186f7656925d30c5f49150c20c5f27040202dc9625ae306d2daed331e089d86817157
+  data.tar.gz: 95e1b5e2579cd2fe1a1aab49a2f92e2c5f2ffce0a2a7bb254c5f52044c161c133415a6df4e242380ca0c584ec760269600a988ec055e316858fa2ddc32469159

data/app/components/easy_admin/permissions/user_role_permissions_component.rb

@@ -13,7 +13,7 @@ module EasyAdmin
         
         # Get actual permissions from permissions_cache
         @user_permissions = get_user_permissions_from_cache(user)
-        @all_permissions = EasyAdmin::Permissions::Permission.all.order(:resource_type, :action)
+        @available_resources = EasyAdmin::Permissions.available_resources
         
         Rails.logger.debug "UserRolePermissionsComponent: user=#{@user&.id}, role=#{@current_role&.name}, cached_permissions=#{@user_permissions.size}"
       end
@@ -59,7 +59,8 @@ module EasyAdmin
               
               div do
                 span(class: "font-medium text-gray-500") { "Permissions Count:" }
-                p(class: "text-gray-900") { @current_role.permissions.count.to_s }
+                enabled_count = @user_permissions.count { |name, granted| granted == "true" || granted == true }
+                p(class: "text-gray-900") { enabled_count.to_s }
               end
               
               div do
@@ -85,12 +86,11 @@ module EasyAdmin
           end
 
           # Get permissions that are granted (true) from cache
-          granted_permission_names = @user_permissions.select { |name, granted| granted == "true" }.keys
-          granted_permissions = @all_permissions.select { |p| granted_permission_names.include?(p.name) }
+          granted_permission_names = @user_permissions.select { |name, granted| granted == "true" || granted == true }.keys
           
-          if granted_permissions.any?
+          if granted_permission_names.any?
             # Group permissions by resource type
-            grouped_permissions = granted_permissions.group_by(&:resource_type)
+            grouped_permissions = group_permissions_by_resource(granted_permission_names)
             
             div(class: "space-y-6") do
               grouped_permissions.each do |resource_type, resource_permissions|
@@ -115,14 +115,16 @@ module EasyAdmin
 
           # Permissions grid
           div(class: "grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-3") do
-            permissions.each do |permission|
-              render_permission_card(permission)
+            permissions.each do |permission_name|
+              render_permission_card(permission_name)
             end
           end
         end
       end
 
-      def render_permission_card(permission)
+      def render_permission_card(permission_name)
+        resource_type, action = permission_name.split(':')
+        
         div(class: "flex items-start p-3 bg-green-50 border border-green-200 rounded-lg") do
           # Permission icon
           div(class: "flex-shrink-0 mr-3") do
@@ -132,18 +134,14 @@ module EasyAdmin
           # Permission details
           div(class: "flex-1 min-w-0") do
             div(class: "flex items-center mb-1") do
-              span(class: "text-sm font-medium text-gray-900 capitalize") { permission.action.humanize }
+              span(class: "text-sm font-medium text-gray-900 capitalize") { action.humanize }
               span(class: "ml-2 inline-flex items-center px-2 py-1 rounded text-xs font-medium bg-green-100 text-green-800") do
-                permission.action
+                action
               end
             end
             
-            if permission.description.present?
-              p(class: "text-xs text-gray-600 leading-relaxed") { permission.description }
-            end
-            
             # Permission name (technical)
-            p(class: "text-xs text-gray-500 font-mono mt-1") { permission.name }
+            p(class: "text-xs text-gray-500 font-mono mt-1") { permission_name }
           end
         end
       end
@@ -181,6 +179,17 @@ module EasyAdmin
           {}
         end
       end
+
+      # Group permission names by resource type
+      def group_permissions_by_resource(permission_names)
+        grouped = {}
+        permission_names.each do |permission_name|
+          resource_type, action = permission_name.split(':')
+          grouped[resource_type] ||= []
+          grouped[resource_type] << permission_name
+        end
+        grouped
+      end
     end
   end
 end

data/app/components/easy_admin/sidebar_component.rb

@@ -213,13 +213,18 @@ module EasyAdmin
       # Allow non-resource items (like Dashboard, Settings, etc.)
       return true unless item[:resource]
 
-      # For resource items, check permission
-      resource_name = item[:resource]
-      # Convert complex resource names to permission format
-      permission_resource_name = convert_resource_to_permission_name(resource_name)
-      permission_name = "#{permission_resource_name}:read"
-      
-      EasyAdmin::Permissions.authorized?(@current_user, permission_name)
+      # For resource items, check permission only if EasyAdmin::Permissions is available
+      if defined?(EasyAdmin::Permissions) && EasyAdmin::Permissions.enabled?
+        resource_name = item[:resource]
+        # Convert complex resource names to permission format
+        permission_resource_name = convert_resource_to_permission_name(resource_name)
+        permission_name = "#{permission_resource_name}:read"
+        
+        EasyAdmin::Permissions.authorized?(@current_user, permission_name)
+      else
+        # If permissions are not available, allow access to all resource items
+        true
+      end
     end
 
     def convert_resource_to_permission_name(resource_name)

data/app/controllers/easy_admin/application_controller.rb

@@ -1,7 +1,17 @@
 module EasyAdmin
   class ApplicationController < ActionController::Base
     include Pagy::Backend
-    include ActionPolicy::Controller
+    
+    # Only include ActionPolicy if it's available
+    if defined?(ActionPolicy)
+      include ActionPolicy::Controller
+      
+      # ActionPolicy authorization context
+      authorize :user, through: :current_admin_user
+
+      # Handle ActionPolicy authorization failures
+      rescue_from ActionPolicy::Unauthorized, with: :handle_authorization_failure
+    end
     
     helper EasyAdmin::FieldsHelper
     helper EasyAdmin::PagyHelper
@@ -11,16 +21,12 @@ module EasyAdmin
     before_action :set_feature_toggles
     before_action :set_paper_trail_whodunnit
     
-    # ActionPolicy authorization context
-    authorize :user, through: :current_admin_user
-
-    # Handle ActionPolicy authorization failures
-    rescue_from ActionPolicy::Unauthorized, with: :handle_authorization_failure
-    
-    # Configure ActionPolicy to use ApplicationPolicy as default for all models
-    def policy_for(record:, **opts)
-      # Always use ApplicationPolicy for all models (EasyAdmin and regular models)
-      ApplicationPolicy.new(record, **authorization_context, **opts)
+    # Configure ActionPolicy to use ApplicationPolicy as default for all models (only if ActionPolicy is available)
+    if defined?(ActionPolicy)
+      def policy_for(record:, **opts)
+        # Always use ApplicationPolicy for all models (EasyAdmin and regular models)
+        ApplicationPolicy.new(record, **authorization_context, **opts)
+      end
     end
     
     protected

data/app/controllers/easy_admin/concerns/resource_authorization.rb

@@ -2,53 +2,60 @@ module EasyAdmin
   module Concerns
     # ResourceAuthorization concern handles authorization checks for resource actions
     # Provides before_action callbacks and authorization methods for all CRUD operations
+    # Only active when ActionPolicy is available
     module ResourceAuthorization
       extend ActiveSupport::Concern
 
       included do
-        before_action :authorize_resource_access!, only: [:index]
-        before_action :authorize_record_access!, only: [:show]
-        before_action :authorize_record_creation!, only: [:new, :create]
-        before_action :authorize_record_update!, only: [
-          :edit, :update, :edit_field, :update_field, 
-          :belongs_to_reattach, :belongs_to_edit_attached, :update_belongs_to_attached
-        ]
-        before_action :authorize_record_destruction!, only: [:destroy]
-        before_action :authorize_versioning_access!, only: [:versions, :revert_version, :version_diff]
+        # Only add authorization callbacks if ActionPolicy is available
+        if defined?(ActionPolicy)
+          before_action :authorize_resource_access!, only: [:index]
+          before_action :authorize_record_access!, only: [:show]
+          before_action :authorize_record_creation!, only: [:new, :create]
+          before_action :authorize_record_update!, only: [
+            :edit, :update, :edit_field, :update_field, 
+            :belongs_to_reattach, :belongs_to_edit_attached, :update_belongs_to_attached
+          ]
+          before_action :authorize_record_destruction!, only: [:destroy]
+          before_action :authorize_versioning_access!, only: [:versions, :revert_version, :version_diff]
+        end
       end
 
       private
 
-      # Authorize access to resource index
-      def authorize_resource_access!
-        authorize! @resource_class.model_class, to: :index?
-      end
-      
-      # Authorize access to view a specific record
-      def authorize_record_access!
-        authorize! @record, to: :show?
-      end
-      
-      # Authorize creation of new records
-      def authorize_record_creation!
-        authorize! @resource_class.model_class, to: :create?
-      end
-      
-      # Authorize updating of existing records
-      def authorize_record_update!
-        authorize! @record, to: :update?
-      end
-      
-      # Authorize destruction of existing records
-      def authorize_record_destruction!
-        authorize! @record, to: :destroy?
-      end
-      
-      # Authorize access to versioning features (PaperTrail integration)
-      def authorize_versioning_access!
-        # Check if user can view record and has versioning permissions
-        authorize! @record, to: :show?
-        authorize! @record, to: :manage_versions?
+      # Authorization methods - only defined if ActionPolicy is available
+      if defined?(ActionPolicy)
+        # Authorize access to resource index
+        def authorize_resource_access!
+          authorize! @resource_class.model_class, to: :index?
+        end
+        
+        # Authorize access to view a specific record
+        def authorize_record_access!
+          authorize! @record, to: :show?
+        end
+        
+        # Authorize creation of new records
+        def authorize_record_creation!
+          authorize! @resource_class.model_class, to: :create?
+        end
+        
+        # Authorize updating of existing records
+        def authorize_record_update!
+          authorize! @record, to: :update?
+        end
+        
+        # Authorize destruction of existing records
+        def authorize_record_destruction!
+          authorize! @record, to: :destroy?
+        end
+        
+        # Authorize access to versioning features (PaperTrail integration)
+        def authorize_versioning_access!
+          # Check if user can view record and has versioning permissions
+          authorize! @record, to: :show?
+          authorize! @record, to: :manage_versions?
+        end
       end
     end
   end

data/lib/easy_admin/permissions/dsl.rb

@@ -119,51 +119,31 @@ module EasyAdmin
         }
       end
 
-      # Create permissions and roles in the database
+      # Create roles in the database (simplified - no permissions table)
       def self.seed_database(data)
-        # Check if models are available (avoid running during migrations)
-        begin
-          EasyAdmin::Permissions::Permission
-          EasyAdmin::Permissions::Role
-          EasyAdmin::Permissions::RolePermission
-        rescue NameError => e
-          Rails.logger.info "EasyAdmin::Permissions models not yet loaded: #{e.message}"
-          return
-        end
+        # Skip if tables don't exist yet (during migrations or first setup)
+        return unless ActiveRecord::Base.connection.table_exists?(:easy_admin_roles)
 
-        ActiveRecord::Base.transaction do
-          # Create permissions
-          data[:permissions].each do |perm_data|
-            EasyAdmin::Permissions::Permission.find_or_create_by(name: perm_data[:name]) do |permission|
-              permission.resource_type = perm_data[:resource_type]
-              permission.action = perm_data[:action]
-              permission.description = perm_data[:description]
-              permission.conditions = perm_data[:conditions]
+        # Defer execution until Rails is fully initialized
+        if defined?(Rails) && Rails.application && !Rails.application.initialized?
+          Rails.application.config.after_initialize do
+            # Check if models are available (avoid loading during initialization)
+            begin
+              role_class = "EasyAdmin::Permissions::Role".constantize
+            rescue NameError => e
+              Rails.logger.debug "EasyAdmin::Permissions models not yet loaded: #{e.message}"
+              return
             end
-          end
-
-          # Create roles and assign permissions
-          data[:roles].each do |role_data|
-            role = EasyAdmin::Permissions::Role.find_or_create_by(slug: role_data[:slug]) do |r|
-              r.name = role_data[:name]
-              r.description = role_data[:description]
-              r.active = role_data[:active]
-              r.metadata = role_data[:metadata]
-            end
-
-            # Clear existing permissions for this role
-            role.role_permissions.destroy_all
 
-            # Assign new permissions
-            role_data[:permissions].each do |permission_name|
-              permission = EasyAdmin::Permissions::Permission.find_by(name: permission_name)
-              if permission
-                EasyAdmin::Permissions::RolePermission.find_or_create_by(
-                  role: role,
-                  permission: permission
-                )
-              else
-                Rails.logger.warn "Permission '#{permission_name}' not found for role '#{role_data[:name]}'"
+            ActiveRecord::Base.transaction do
+              # Create roles only (permissions are managed via JSON field)
+              data[:roles].each do |role_data|
+                role = role_class.find_or_initialize_by(slug: role_data[:slug])
+                role.assign_attributes(
+                  name: role_data[:name],
+                  description: role_data[:description],
+                  )
+                role.save! if role.changed?
               end
             end
           end
@@ -177,4 +157,4 @@ module EasyAdmin
       DSL.seed_database(data)
     end
   end
-end
+end

data/lib/easy_admin/version.rb

@@ -1,3 +1,3 @@
 module EasyAdmin
-  VERSION = "0.2.0"
+  VERSION = "0.2.2"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: easy-admin-rails
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.2
 platform: ruby
 authors:
 - Slaurmagan